[Date Prev][Date Next] [Chronological] [Thread] [Top]

Referrals worked in 1.2.11, but not in 2.0.7



I've spent the past two weekends trying to move from 1.2.11 to 2.0.7.

I've almost got it working, but still have one more problem (which I hope is 
my last problem).

The machine is at 10.1.2.1 and I have two databases on the system.  One is 
replicated from another system and the other one lists only on this system.  
The replicated database is at o=vircio,c=US and the local database is at
dc=deepeddy,dc=com.

We do our searches against the localdatabase, but if things aren't found 
we look in the replicated database.

To do this, I've got an entry in the local database that looks like this:


dn: ref="ldap://10.1.2.1/o=vircio,c=US",dc=deepeddy,dc=com
objectclass: referral
ref: ldap://10.1.2.1/o=vircio,c=US

In 1.2.11, this worked fine, but I can't seem to get it working under 2.0.7.

>From the command line, 

	ldapsearch -v -x -b'o=vircio,c=us' '(cn=*)'

dumps stuff from the master database and

	ldapsearch -v -x -b'dc=deepeddy,dc=com' '(cn=*)'

dumps from the local database.  (I'm testing with the -x flag for now and will 
figure the SASL stuff out later.  One thing at a time.)

However, no query against the local database gets me any objects from the 
replicated database.  I've got a perl CGI which calls NET::LDAP::search which 
no longer returns LDAP_PARTIAL_RESULTS like it did previously.

Has the format of the referral object changed?

Possibly related, I can't figure out how to use the -H flag to ldapsearch:

# ldapsearch -vx -H ldap://10.1.2.1/o=vircio,c=us '(cn=*)'
ldap_initialize( ldap://10.1.2.1/o=vircio,c=us )
Could not create LDAP session handle (3): Time limit exceeded

Is this a symptom of the same problem or do I just not understand how it works?

Any clarity would be appreciated,
Chris

-- 
Chris Garrigues                 http://www.DeepEddy.Com/~cwg/
virCIO                          http://www.virCIO.Com
4314 Avenue C                   
Austin, TX  78751-3709		+1 512 374 0500

  My email address is an experiment in SPAM elimination.  For an
  explanation of what we're doing, see http://www.DeepEddy.Com/tms.html 

    Nobody ever got fired for buying Microsoft,
      but they could get fired for relying on Microsoft.


Attachment: pgpVe4tfsC425.pgp
Description: PGP signature